rpms / pki-core

Clone
Source Code
GIT

Blame SOURCES/pki-core-Fix-missing-CN-error-in-CMC-user-signed.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-10.6 c8-stream-10.6 c8s-stream-10.6 c9 c9-beta
  1.   120910d0d2d850a5fa9961ce994940f1a5b48be1
  2.   SOURCES
  3.   pki-core-Fix-missing-CN-error-in-CMC-user-signed.patch
Blob History Raw
120910 
From ab0cb37875648abfc07e7d781fa91c368f67d313 Mon Sep 17 00:00:00 2001
120910 
From: Christina Fu <cfu@redhat.com>
120910 
Date: Tue, 25 Jul 2017 18:02:02 -0700
120910 
Subject: [PATCH] Ticket #2788 Missing CN in user signing cert would cause
120910 
 error in cmc user-signed This patch takes care of the issue that
120910 
 CMCUserSignedAuth cannot handle cases when CN is not in the subjectDN
120910
120910 
Change-Id: Ieac0712d051dcb993498d9680f005c04158b5549
120910 
(cherry picked from commit 507a8888b6eccfe716ca7bc4647f71cee973afcf)
120910 
---
120910 
 .../netscape/cms/authentication/CMCUserSignedAuth.java | 18 +++++++++---------
120910 
 1 file changed, 9 insertions(+), 9 deletions(-)
120910
120910 
diff --git a/base/server/cms/src/com/netscape/cms/authentication/CMCUserSignedAuth.java b/base/server/cms/src/com/netscape/cms/authentication/CMCUserSignedAuth.java
120910 
index e11a34427..7f872c83d 100644
120910 
--- a/base/server/cms/src/com/netscape/cms/authentication/CMCUserSignedAuth.java
120910 
+++ b/base/server/cms/src/com/netscape/cms/authentication/CMCUserSignedAuth.java
120910 
@@ -371,9 +371,9 @@ public class CMCUserSignedAuth implements IAuthManager, IExtendedPluginInfo,
120910 
                             } else {
120910 
                                 CMS.debug(method + "signed with user cert");
120910 
                                 userid = userToken.getInString("userid");
120910 
-                                uid = userToken.getInString("cn");
120910 
+                                uid = userToken.getInString("id");
120910 
                                 if (userid == null && uid == null) {
120910 
-                                    msg = " verifySignerInfo failure... missing userid and cn";
120910 
+                                    msg = " verifySignerInfo failure... missing id";
120910 
                                     CMS.debug(method + msg);
120910 
                                     throw new EBaseException(msg);
120910 
                                 }
120910 
@@ -1069,7 +1069,8 @@ public class CMCUserSignedAuth implements IAuthManager, IExtendedPluginInfo,
120910 
                             // cert subject principal later in CMCOutputTemplate
120910 
                             // in case of user signed revocation
120910 
                             auditContext.put(SessionContext.CMC_SIGNER_PRINCIPAL, cmcPrincipal);
120910 
-                            auditContext.put(SessionContext.CMC_SIGNER_INFO, cmcPrincipal.getCommonName());
120910 
+                            auditContext.put(SessionContext.CMC_SIGNER_INFO,
120910 
+                                cmcPrincipal.toString());
120910
120910 
                             // check ssl client cert against cmc signer
120910 
                             if (!clientPrincipal.equals(cmcPrincipal)) {
120910 
@@ -1160,13 +1161,13 @@ public class CMCUserSignedAuth implements IAuthManager, IExtendedPluginInfo,
120910
120910 
                         IAuthToken tempToken = new AuthToken(null);
120910 
                         netscape.security.x509.X500Name tempPrincipal = (X500Name) x509Certs[0].getSubjectDN();
120910 
-                        String CN = tempPrincipal.getCommonName(); //tempToken.get("userid");
120910 
-                        CMS.debug(method + " Principal name = " + CN);
120910 
+                        String ID = tempPrincipal.toString(); //tempToken.get("userid");
120910 
+                        CMS.debug(method + " Principal name = " + ID);
120910
120910 
                         BigInteger certSerial = x509Certs[0].getSerialNumber();
120910 
                         CMS.debug(method + " verified cert serial=" + certSerial.toString());
120910 
                         authToken.set(IAuthManager.CRED_CMC_SIGNING_CERT, certSerial.toString());
120910 
-                        tempToken.set("cn", CN);
120910 
+                        tempToken.set("id", ID);
120910
120910 
                         s.close();
120910 
                         return tempToken;
120910 
@@ -1221,9 +1222,8 @@ public class CMCUserSignedAuth implements IAuthManager, IExtendedPluginInfo,
120910 
         netscape.security.x509.X500Name principal =
120910 
                 (X500Name) cert.getSubjectDN();
120910
120910 
-        String CN = principal.getCommonName();
120910 
-        CMS.debug(method + " Principal name = " + CN);
120910 
-        auditContext.put(SessionContext.USER_ID, CN);
120910 
+        CMS.debug(method + " Principal name = " + principal.toString());
120910 
+        auditContext.put(SessionContext.USER_ID, principal.toString());
120910 
     }
120910
120910 
     public String[] getExtendedPluginInfo(Locale locale) {
120910 
--
120910 
2.13.5
120910

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation